Date: Mon, 15 May 2017 19:36:09 +0000 From: Alexey Dokuchaev <danfe@FreeBSD.org> To: Konstantin Belousov <kostikbel@gmail.com> Cc: Ian Lepore <ian@freebsd.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r318313 - head/libexec/rtld-elf Message-ID: <20170515193609.GC28684@FreeBSD.org> In-Reply-To: <20170515192529.GH1622@kib.kiev.ua> References: <201705151848.v4FImwMW070221@repo.freebsd.org> <20170515185236.GB1637@FreeBSD.org> <20170515190030.GG1622@kib.kiev.ua> <1494875335.59865.118.camel@freebsd.org> <20170515192529.GH1622@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 15, 2017 at 10:25:29PM +0300, Konstantin Belousov wrote:
> On Mon, May 15, 2017 at 01:08:55PM -0600, Ian Lepore wrote:
> > Well, for example, it seems like it would allow anyone to execute a
> > binary even if the sysadmin had set it to -x specifically to prevent
> > people from running it.
>
> The direct mode does not (and cannot) honor set{u,g}id modes of the
> executable, so any binary run this way would only exercise the existing
> power of the user which did it.
>
> The most advanced explanation that I was given in private was among
> the lines: "if you have an environment where users can upload content
> to a shared server, but have no access to chmod(2), no compilers, no
> scripting languages, etc." The person then admitted that (s)he does not
> consider it as an actual concern.
Would this now allow executing binaries (with or without +x bit) from
filesystems mounted with -o noexec?
./danfe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170515193609.GC28684>